Customers for more than a hundred car dealerships across the US were put at risk because of shoddy database security

Zack Whittaker reports:

If you bought a car in the last few years, there’s a good chance your personal information may have found its way to the open internet.

Names, addresses, phone numbers and social security numbers for both customers and employees for over a hundred car dealerships have leaked online, all thanks to a centralized records system coupled with shoddy security.

The system, built and operated by DealerBuilt, an Iowa-based database software company, sells management systems for car dealerships across the US, offering a central system for sales, customer relations, and employee payroll needs.

Last week, MacKeeper security researchers found 128 dealership systems, known as LightYear machines, were backing up to DealerBuilt’s central systems without any encryption or security, allowing anyone to see what was being backed up.

Read more on ZDNet.

About the author: Dissent